3 million Verizon FiOS Customer Credentials Obtained In Breach

Updated: 4.30AM - YES AM! Earlier today there was reports that Verizon wireless customers had been breached, it turns out that it was infact the FiOS customers who were breached in this high profile attack that has seen over 3 million credentials obtained. The leak comes from a hacker who supports anonymous but does not class them self as a anon, @TibitXimer. FiOS is a internet service that Verizon supplies for people with iPhones, iPads etc. The leak was originally posted to a share site which required registration but has since been uploaded to anonfiles.me in a 16mb rar file that contains a 286mb txt file named rk10852_042_01z_m_ezzzzed_smgi.txt and is said to only contain a few hundred thousand accounts with the rest to possibly be leaked at a later date. > Updated the statement with more info and mirrors: pastebin.com/Nf9ThT03 | @verizon FIOS Hacked — Tibit (@TibitXimer) December 23, 2012

Zdnet did the first exclusive report on this hack state that the hack was carried out earlier in the year on july 12th and since then @TibitXimer had attempted to notify them of the breach and security issue but they ignored them only to result in this leak happening. Most recent announcement from @TibitXimer - since removed, lucky caches are good.

Merry Christmas! Hope you all are enjoying your holidays, I just wanted you all to open a present early, so here is a database with a few hundred thousand customer records from Verizon Wireless! It includes serial numbers, names, addresses, date they became a customer, password to their account, phone numbers, etc... -removed so i dnt get bitched at- Download, re-upload, spread, share, and have fun with the info! I am not apart of any hacking group however I do support Anonymous. If you have any questions feel free to tweet me at https://twitter.com/TibitXimer Have a Merry Christmas and a Happy New Year!

Update

Verizon has contacted us stating that ZDNet was totally incorrect with the statement and asked us to publish the following.

The ZDNet story is inaccurate. We take any attempts to violate consumer and customer privacy and security very seriously. This incident was reported to the authorities when we first learned of it months ago and an investigation was launched. Many of the details surrounding this incident are incorrect and exaggerated. No Verizon systems were breached, no root access was gained, and this incident impacted a fraction of the number of individuals being reported. Nonetheless, we notified individuals who could potentially have been impacted and took immediate steps to safeguard their information and privacy. Verizon has also notified law enforcement of this recent report as a follow-up to the original case.”

I myself have been doing a big of investigating and there will be an article on this to come shortly. Source: pastebin